xLinkFinder
A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target. It can be used to find potential vulnerabilities in web applications. Features: * Discover endpoints * Find potential parameters * Generate a target specific wordlist Usage: 1. Clone the repository 2. Run the tool with the target URL as an argument Example: python xLinkFinder.py https://example.com
FEATURES
ALTERNATIVES
An information gathering tool for DNS, subdomains, ports, and directories enumeration.
A Burp extension to detect alias traversal via NGINX misconfiguration at scale.
Passive Network Audit Framework (PNAF) v0.1.2 provides passive network auditing capabilities and is now a project of COSMIC-Chapter of The Honeynet Project.
hpfeeds is a lightweight authenticated publish-subscribe protocol with Python 3 compatible broker and client.
A command-line tool for managing and analyzing Microsoft Forefront TMG and UAG configurations.
CrowdSec is a behavior detection engine with a global IP reputation network.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.